As our new hybrid work environment has begun to emerge, we’ve seen a rise in cyber-attacks. Earlier this month, the WSJ had yet another special section dedicated to just cybersecurity. James Rundle describes the hacker’s dream, “…with employees bringing their laptops into company networks and then taking them back home — where they’re much more exposed to hackers and can easily get infected with malware.” In this scenario, we shouldn’t be surprised that companies are facing an increased amount of security threats. Cybersecurity Ventures predicts ransomware will cost its victims around $265 billion annually by 2031 with a new attack every 2 seconds. No company, big or small, is immune.
Breaches are happening in greater frequency across all industries
There are too many events to list all of them, however over the last 6 months we’ve seen:
- SolarWinds: In December 2020, Russian hackers compromised the software provider which is predicted to have far reaching effects into the future.
- Colonial Pipeline: In May 2021, the Colonial Pipeline, the largest fuel pipeline in the United States, was the target of a ransomware attack and the CEO paid $4.4M dollars because he was unsure of the extent of the breach.
- JBS Meat Processing: In May 2021, the world’s largest meat processing company, Brazilian-based JBS, closed off one-fourth of American operations for two days so the firm could shut down its computer systems to limit the scale of the breach.
A perfect storm
There’s a complex blend of geopolitical, cybersecurity, and environmental factors but the underlying reasons are:
- Ransomware, a specialized form of malware (“malicious software”), has gotten easier to execute
- Collecting ransom, is more trouble-free with the proliferation of bitcoin
- Enterprises are going digital first and working with more third parties in a hybrid environment
- Companies have shown they are willing to pay, thereby increasing incentives
These events have been so widespread and devastating to the US economy, that they led to President Biden releasing an Executive Order aimed squarely at improving the nation’s cybersecurity. Notably, the order mentions that "we need to use the purchasing power of the Federal Government to drive the market to build security into all software from the ground up."
The Biden administration has encouraged businesses to shore up their cyber defenses and review corporate security practices. We believe that this is where the Box Content Cloud comes in. Box is a secure place for you to collaborate on mission-critical business processes—ensuring business continuity while reducing the risk of ransomware and other types of malware. Box can be used as part of a multi-layered “zero-trust” defense and depth strategy, where we benefit you from being closer to the content (or file) vs. your traditional perimeter-based approach.
There are four ways in which we can help you minimize ransomware disruption:
- Prevention: use the Box Content Cloud with versioning, native security features (MFA, Device Trust), and Box Shield external sharing controls
- Detection: employ Box Shield to scan files for malicious content, including ransomware, on “active” content and use suspicious location and session alerts to monitor abnormal user behavior that can be fed into your SIEM
- Containment: configure Box Shield to automatically block the download of malicious content to your local machine or sync across other apps so it will not proliferate while still being able to preview and edit online
- Remediation: restore files that were locked or modified with Box’s version control, if you do get breached